Hello all!
I am using Proxmox since v3 but have not used its Firewall yet. For now I just want to restrict access to my Proxmox node not my VMs. I have enabled firewall in datacenter (with ACCEPT for input and output policy) and on the node itself. Then I have put in a simple rule to drop icmp packets. However when I ping the host I still get response. What am I missing here?
I am using Proxmox since v3 but have not used its Firewall yet. For now I just want to restrict access to my Proxmox node not my VMs. I have enabled firewall in datacenter (with ACCEPT for input and output policy) and on the node itself. Then I have put in a simple rule to drop icmp packets. However when I ping the host I still get response. What am I missing here?
Code:
root@sproxmox:/etc/pve/firewall# cat cluster.fw
[OPTIONS]
enable: 1
policy_in: ACCEPT
root@proxmox:/etc/pve/nodes/proxmox# cat host.fw
[OPTIONS]
enable: 1
[RULES]
IN DROP -p icmp -log nolog